CVSS:6.5(Medium)
An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with Administrator privileg...
CVSS:6.5(Medium)
A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers (administrator) to escalate their privileges to Super Admin Permissions.
CVSS:6.5(Medium)
Improper restriction of rendered UI layers or frames issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If a user views and clicks on the content on the malicious page while logged in, unintended ope...
CVSS:6.5(Medium)
GLPI is a free asset and IT management software package. Prior to version 10.0.18, a low privileged user can enable debug mode and access sensitive information. Version 10.0.18 contains a patch. As a ...
CVSS:6.5(Medium)
The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 'st_send_download_file' functi...
CVSS:6.5(Medium)
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial o...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Social Links allows Stored XSS. This issue affects Social Links: from n/a through 1.0.11.
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shujahat21 Optimate Ads allows Stored XSS. This issue affects Optimate Ads: from n/a through 1.0.3...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RJ Quickcharts allows Stored XSS. This issue affects RJ Quickcharts: from n/a through 0.6...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Polonski Smart Countdown FX allows Stored XSS. This issue affects Smart Countdown FX: from n/...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Like dislike plus counter allows Stored XSS. This issue affects Like dislike plus counter...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz Links in Captions allows Stored XSS. This issue affects Links in Captions: from n/a thro...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kwiliarty External Video For Everybody allows Stored XSS. This issue affects External Video For Ev...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titusbicknell RSS in Page allows Stored XSS. This issue affects RSS in Page: from n/a through 2.9....
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reverbnationdev ReverbNation Widgets allows Stored XSS. This issue affects ReverbNation Widgets: f...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amitythemes.com Breaking News Ticker allows Stored XSS. This issue affects Breaking News Ticker: f...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zackdesign NextGen Cooliris Gallery allows Stored XSS. This issue affects NextGen Cooliris Gallery...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matt_mcbrien WP SimpleWeather allows Stored XSS. This issue affects WP SimpleWeather: from n/a thr...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound UniTimetable allows Stored XSS. This issue affects UniTimetable: from n/a through 1.1.
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Chirkov FlexIDX Home Search allows Stored XSS. This issue affects FlexIDX Home Search: from n/...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gubbigubbi Kona Gallery Block allows Stored XSS. This issue affects Kona Gallery Block: from n/a t...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Garrett Grimm Simple Select All Text Box allows Stored XSS. This issue affects Simple Select All T...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrew Norcross Google Earth Embed allows Stored XSS. This issue affects Google Earth Embed: from ...
CVSS:6.5(Medium)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugbug Easy Chart Builder for WordPress allows Stored XSS. This issue affects Easy Chart Builder f...